If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Re: bruteforce 8 character (uppercase) password

About the dictionnary attack, it's assuming the WPA is based on a passphrase... Which where I live is pretty much never the case ! And I believe dictionnary attacks are a sub-kind of brute force, so I stand on the point that the only way to crack WPA is brute force !
(Except if you go in the hole 196-ish thing...)

Re: bruteforce 8 character (uppercase) password

brute force and dictionary attacks are two very different things. A dictionary attack has nothing to do with enumerating every possible combination of characters, unless you generate a list of every possible combination. Even in that case that's still just a brute force list.

Re: bruteforce 8 character (uppercase) password

I always considered dictionary attacks to be a kind of brute force as well. I may be wrong but its always the way I viewed them. If this is not the case then there are 2 ways of cracking WPA and I stand corrected.

Originally Posted by 2901119

brute force and dictionary attacks are two very different things. A dictionary attack has nothing to do with enumerating every possible combination of characters, unless you generate a list of every possible combination. Even in that case that's still just a brute force list.

"Never do anything against conscience -- even if the state demands it."
-- Albert Einstein

Re: bruteforce 8 character (uppercase) password

If you search the backtrack 4 forums this topic has also been covered multiple times where many knowledgeable people come to agree that they are two very different attacks.

When you break it all down: one attack, if given enough time is guaranteed to work while the other attack only works if the word is in the dictionary file.

Why do you guys think its called a BRUTE FORCE attack? Certainly not because you're trying a small fraction of possible passwords that you have in a dictionary file, but because you're throwing everything at it and trying all of possible combinations of characters until you do find the right password.

Re: bruteforce 8 character (uppercase) password

Yeah, I see your point. And I'm not saying they are the same, but very similar since in both case you try a large number of possibilities against a hash (for example). One is just more "intelligent" than the other, even if risks of failure are greater*.

If you search the backtrack 4 forums this topic has also been covered multiple times where many knowledgeable people come to agree that they are two very different attacks.

When you break it all down: one attack, if given enough time is guaranteed to work while the other attack only works if the word is in the dictionary file.

Why do you guys think its called a BRUTE FORCE attack? Certainly not because you're trying a small fraction of possible passwords that you have in a dictionary file, but because you're throwing everything at it and trying all of possible combinations of characters until you do find the right password.

"Never do anything against conscience -- even if the state demands it."
-- Albert Einstein

Re: bruteforce 8 character (uppercase) password

Re: bruteforce 8 character (uppercase) password

You probably want to find another way of cracking that WPA passphrase. There are 302231454903657293676544 possible combinations.

Regards

Not if you know it's an 8 character all uppercase password. Then it's only 208872064576 combinations.

Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

Re: bruteforce 8 character (uppercase) password

Oh, much better then
(which it is in fact, given the previous figure... but hell, that's an awful lot too !)

True, just shows you why wpa2 is such a bitch to crack. It would probably be easier to just watch someone enter the password on their laptop from a spy satellite.....

Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69